Caddy version (caddy version
):
v2.4.5 h1:P1mRs6V2cMcagSPn+NWpD+OEYUYLIf6ecOa48cFGeUg=
Caddyfile or JSON config:
"a" 27L, 641B written
(blacklists) {
# From private_ranges: 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.0/8 fd00::/8 ::1
# Docker bridge network 172.17.0.1/16
@not_me {
not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.0/8 fd00::/8 ::1 172.17.0.1/16 123.123.123.123/32
}
@not_wife {
not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.0/8 fd00::/8 ::1 172.17.0.1/16 456.456.456.456/32
}
@not_me_or_wife {
not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.0/8 fd00::/8 ::1 172.17.0.1/16 123.123.123.123/32 456.456.456.456/32
}
}
mine.foo.com {
handle @not_me {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8000
}
mine_and_wifes.foo.com {
handle @not_me_or_wife {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8001
}
wife.foo.com {
handle @not_wife {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8002
}
The question:
Is there a way to simplify the blacklists sections by merging remote IPs? I know I could have multiple @handle
s for each domain instead of a single one but I’m looking not to do that and instead do something like:
"a" 27L, 641B written
(blacklists) {
@self {
remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.0/8 fd00::/8 ::1
}
@needed {
@self
remote_ip 172.17.0.1/16
}
@me {
@needed
remote_ip 123.123.123.123/32
}
@not_me { not { @me } }
@wife {
@needed
remote_ip 456.456.456.456/32
}
@not_wife { not { @wife } }
@not_me_or_wife { not { @me @wife } }
}
mine.foo.com {
handle @not_me {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8000
}
mine_and_wifes.foo.com {
handle @not_me_or_wife {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8001
}
wife.foo.com {
handle @not_wife {
respond "Access denied" 403 {
close
}
}
reverse_proxy localhost:8002
}
``` Can caddy merge ip_ranges?